﻿/*
Commerce by Onex – eCommerce software platform (www.ecommerce.byonex.com)
Copyright (C) 2008-2010 by Onex Group

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 */
using System;
using System.Collections.Generic;
using System.Text;
using ShopModel;
using System.Data;
using System.Data.SqlClient;

namespace ShopDAO
{
    public class PassResetsDAO
    {
        private string connectionString;

        private SqlConnection Connection()
        {
            return new SqlConnection(connectionString);
        }

        public PassResetsDAO()
        {
            connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["csShop"].ConnectionString;
        }

        public bool ResetPass(Guid guid, string code)
        {
            SqlConnection sqlC = Connection();
            SqlCommand command = sqlC.CreateCommand();

            command.CommandText = "DELETE FROM PassResets WHERE Guid=@guid;INSERT INTO PassResets (Guid, Code) VALUES (@guid, @code)";

            command.Parameters.Add(new SqlParameter("@guid", guid));
            command.Parameters.Add(new SqlParameter("@code", code));
            bool result = false;
            try
            {
                sqlC.Open();
                result = command.ExecuteNonQuery()>0?true:false;
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex);
                result = false;
            }
            finally
            { sqlC.Close(); }

            return result;
        }

        public string GetPassReset(Guid guid)
        {
            SqlConnection sqlC = Connection();
            SqlCommand command = sqlC.CreateCommand();

            command.CommandText = "SELECT Code FROM PassResets where Guid='"+guid+"' AND Used=0";
            string result = string.Empty;
            try
            {
                sqlC.Open();
                SqlDataReader reader = command.ExecuteReader(CommandBehavior.CloseConnection);
                if (reader.Read())
                {
                    result = reader["Code"].ToString();
                }
                reader.Close();
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex);
                result = string.Empty;
            }
            finally
            { sqlC.Close(); }

            return result;
        }

        public bool FinishPassReset(Guid guid)
        {
            SqlConnection sqlC = Connection();
            SqlCommand command = sqlC.CreateCommand();

            command.CommandText = "DELETE FROM PassResets WHERE Guid='"+guid+"'";

            bool result = false;
            try
            {
                sqlC.Open();
                result = command.ExecuteNonQuery() > 0 ? true : false;
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex);
                result = false;
            }
            finally
            { sqlC.Close(); }

            return result;
        }
    }
}
